Security B-Sides MSP 2016 Derek Arnold "Accessible Threat Intelligence with the Splunk app- Optiv Threat Intel"
Optiv Threat Intel is a Splunk App that automatically correlates your data with several popular open threat lists. After a few mouse clicks we can start hunting for log sources that are reaching out to, or being attacked from, known attackers. The app can provide increased visibility to potentially malicious activity going on in the organization.
Slides can be found here: https://archive.org/details/2016BSidesMSPSlides